Re: [Exim] "Complex" SMTP AUTH conditions

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MMPeter Galbavy at <-
MPhilip Hazel at ->
Delete this message
Reply to this message
Author: michael
Date:  
To: exim-users, peter.galbavy
Subject: Re: [Exim] "Complex" SMTP AUTH conditions
> I already allow people to log into their pop3 and imap accounts using their
> full e-mail address (peter.galbavy@??? for me). To allow people to
> use the same details for SMTP AUTH I need to split the username on the '@'
> using a regex...

Be aware that netscape throws the @ with anything that follows it away.
At least it used to do so, which is why I allow a semicolon instead of
an @ as well.

> BTW Is there anyway that anyone can see for me to support CRAM with
> pre-encrypted passwords ? I don't think that this is possible, but I am
> willing to be proved wrong.

I don't know if Exim supports that and if SMTP AUTH is like IMAP AUTH, but
read about CRAM-MD5 for AUTH in imap, RFC2195, which I just have in front
of me:

Keyed MD5 is chosen for this application because of the greater
security imparted to authentication of short messages. In addition,
the use of the techniques described in [KEYED-MD5] for precomputation
of intermediate results make it possible to avoid explicit cleartext
storage of the shared secret on the server system by instead storing
the intermediate results which are known as "contexts".

Michael



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[Exim] "Complex" SMTP AUTH conditionsRe: [Exim] TCP service "smtp" not found?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)